package jdbc;

import java.sql.Connection;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;

public class LoginUser {
    public static void main(String[] args) {
//        UserInfo userInfo = InputUtil.getInputObject(
//                new UserInfo(),"欢迎登录","登录"
//        );
        //System.out.println(userInfo);

        try (Connection connection = DBUtil.getConnection()){
            Statement statement = connection.createStatement();
            /*
            SELECT username, password,nickname,age
            FROM userinfo
            WHERE username='"+userInfo.
             */
/*            String sql = "SELECT username, password,nickname,age "+
                         "FROM userinfo "+
                         "WHERE username='"+userInfo.getUsername()+"' "+
                         "AND password='"+userInfo.getPassword()+"' ";*/

            String sql = "SELECT username, password,nickname,age "+
                    "FROM userinfo "+
                    "WHERE username='asdasd' "+
                    "AND password='a' OR '1' = '1' ";
            ResultSet rs = statement.executeQuery(sql);
            if(rs.next()){
                System.out.println("Link Start! "+ rs.getString("nickname")+", 欢迎登录刀剑神域");
            }else {
                System.out.println("登录失败, 用户名或密码不正确");
            }
        } catch (SQLException throwables) {
            throwables.printStackTrace();
        }
    }
}
